Ok, another geek post. I was recently invited to be someone’s ‘friend’ on a website. I clicked on the link to check it out and was surprised at the amount of information I was being asked for, specific to identity. They wanted my name, date of birth (including the year) and even asked for my e-mail password. Why on earth would they need that? Needless to say, I did not register. I’m not being paranoid here. Just cautious.
Let’s talk about the internet and how easy it is to have way more identity than you bargain for taken from you – without your even recognizing it.
We are getting used to the ‘fake’ e-mails from our bank or Paypal, spoofing sites that we know in order to get our information. We know not to trust. But the next generation of identity theft is to make a relationship with you, and gather your information over time.
Here is a ficticious scenario that you might relate to: Say there is a new scrapbooking website with a message board. It’s posted all over the internet. They offer everybody that posts on the message board during the month of November a free t-shirt or entry into a drawing for a big prize. I’m making this up, so just run with me here…
They have a fun site. People flock to it. They have a scrapbook kit that you can buy when you want to, no commitment – and it’s a great price…lots of people order it. They are looking for a design team – people register like crazy. November comes, December comes – and then on January 1st, suddenly your login isn’t working at the site. You try again. Perhaps it is a different password? You try another password, and another. Nothing is working.
But herein lies the problem – their site is made not to work at this point, and they are actually logging every password attempt. People want to get in. Why isn’t it working? They’ll give a try with all of their passwords. They’ll just try one after the other, after the other, until they’ve gone through their whole password list and the site owner has just taken all of their passwords. And if they’ve ever bought anything the site owners know where their bank is, they know what their branch is because they have their credit card and they can trace that.
Identity theft is insidious – and it is much easier to have it happen than you might think.
Change passwords OFTEN. Don’t make it something easily guessable. Treat those passwords like you would treat your social security number and credit card information. The internet is the least secure environment and people will take advantage of that until identity is something that you cannot fake. For now, everybody that has a website should be regarded with the same scrutiny as an ad in the personals or their chosen avatar really representing how they look. Be careful out there.